DIY Data

March 2016

By&nbspMargo Vanover Porter

Oregon State University’s CORE initiative standardizes reporting and makes data accessible to all employees, with the end goal of improving student success.

Back in 2012, Michael Hansen had a dream: To open access to data, making information available to all Oregon State University (OSU) employees, dependent on their need to know and based on their job duties.

Today, that dream has come true.

“Rather than have each unit doing its own thing, we sought to standardize and open up access to everyone on campus,” says Hansen, OSU’s director of the business intelligence center in Corvallis. “Access went from about 900 people to almost 7,000. Rather than having to go to an individual in your department for information, you can get it yourself.”

Prior to 2012, the institution lacked standardized reporting across the 30,000-student campus. “Everybody came up with his or her own reports,” he explains. “Every department and college would create its own reports and numbers based on its metrics, which were correct for each of its own operations, but didn’t match another college’s operation. Once you put all these reports together, none of them matched our numbers for the university. We needed to standardize reporting across the university so that everybody understood what the data meant and [what] metrics the university would use to make decisions.”

About the same time, Lois Brooks, vice provost and chief information officer, attended meeting after meeting where participants all had “an incredible hunger for operational data and information to manage the university and ensure student success,” she recalls. “As I sat through conversation after conversation about what we were trying to achieve with our programs, the question of data kept coming up. It occurred to me that if we could get data to people’s fingertips—and they could trust that the data were accurate—we could really transform the conversations we were having.”

Both Brooks and Hansen soon became transformative leaders in the resulting Cooperative Open Reporting Environment (CORE) initiative, which was recognized with a NACUBO 2015 Innovation Award. “We spent about four months in information technology, planning our architecture before we actually wrote a line of code,” Brooks recalls. “We really sat back and looked at what we already owned, where the data came from, how it would flow, and who needed it. We then walked the plan by security, audit, and other key stakeholders to make sure that they felt comfortable with where we were going.”

To keep the project affordable, OSU relied on existing technology and an open source system. “The entire incremental spend on this has been $36,000,” Brooks says. “All of it was done with existing staff by understanding where we had the expertise and tapping people to say, ‘We need you to work on this now.’”

The business intelligence center development team consists of six handpicked developers and analysts, plus Hansen, who put the hodgepodge of systems together and built the reports needed to make everyday decisions. “We took the approach that data, no matter where it resides, is a university asset,” Hansen says. “Therefore, we would all have access to data, depending on our roles, rather than keeping all the data stored in silos.”

To accomplish this, the business intelligence team merged the disparate information sources involving finance, students, HR, and payroll into a central data warehouse and then added housing, auxiliary, and foundation facts and figures to the mix. “Rather than having a warehouse that was strictly Banner data, we have a warehouse with data from many, many sources,” he says.

A Standard Reference

After its fall 2013 rollout, CORE fundamentally changed the way campus units use information, explains Sherman Bloomer, director of budget and fiscal planning. “We’re seeing units, both academic and business, using the reports generated by the CORE group as the standard reference for measuring anything you can think of—from credit hours to majors to expenditures. Student affairs is using it to identify students at risk.”

For example, he says, if a unit is struggling with balancing a budget, he can now sit at his desk and pull up a standard way of looking at the unit’s expenditure patterns, history, and anomalies relative to this year versus the last two years. Prior to CORE’s rollout, he would be sorting through spreadsheets.

“We use the information in how we budget so that we have a consistent way of comparing units in terms of how many credit hours they generate, how many majors they have, and how many credit hours they teach for students outside their college,” he says. “This is an institutional resource, not owned by any particular group, which makes it possible to have common information to make decisions. People have confidence that what Michael and his team have produced is an accurate representation of their units, which saves a tremendous amount of time in working through problems.”

With more than 600 reports, dashboards, and visualizations to choose from, users have already collected favorites. Class roster reports are popular, especially at the start of the term, explains Jeff Merth, business intelligence analyst, because of the hyperlinks. “You can click on the instructor and see what he or she is teaching this term or any term,” he says. “You can click on a student and see his or her schedule for the term. When you see the schedule, there are more hyperlinks.”

Student profile reports have also proven popular because they consolidate information that used to be spread across two or three other systems. “Advisers campuswide have latched onto this report because it shows in one place a student’s name, address, phone number, current class standing, and GPA, as well as where he came from, if she transferred, and all grades in all classes,” Merth says.

Not Without Challenges

Although CORE team members now daily churn out detailed reports with apparent ease, the mission to open access to data at OSU was not accomplished without challenges.

“We had a number of kumbaya moments,” Brooks says. This usually occurred once people realized that they would get to see not only more information—but everyone would be able to view their previously protected storehouse of statistics. They then wondered, “Do I want everybody to see that data? Is my job threatened because it’s my job to hand out that data?”

During the process, Brooks admits she learned how incredibly important governance is to this process. “Part of the change is the decision-making structure of who gets to see what,” she says. “You need to have a formal way in which those decisions are made.”

Bloomer believes data control and access were probably the most difficult issues to overcome because departments interpreted FERPA rules locally, sometimes coming to conclusions that were overly restrictive or permissive. Changing that was largely a matter of conversation and education, although once in a while, a manager was told, “I’m sorry, but you’re not in charge of that anymore.”

“Fortunately, we didn’t have very many of those,” Bloomer acknowledges.

In addition to access rules, the subject of shadow systems occasionally arose in the early days. “Some people were hesitant to give up historical practices,” Bloomer says. “By and large, we took the approach that you could keep running shadow systems, but they wouldn’t be the system of record, and they wouldn’t give you the right answer. People let them die because they weren’t useful anymore.”

For Jeff Merth, who developed the behind-the-scenes database, the biggest challenge was to make the system so easy that someone could sit down and use it with very little training. First-time users can go to the quick-tips page, which tells them how to run reports, how to export them to a PDF or Excel, and how to contact the CORE team.

“With CORE, we deliberately kept it very simple, and we have tips or hints that will pop up for first-time users,” he adds. “We have video help so that instead of reading manuals or documentation, you can sit down with a two-minute help video that explains some aspect of the system.”

Another challenge: Once all the data were consolidated, it became apparent that cleanup needed to become a priority.“There had been errors in the data all along,” Brooks says, “so the business office, the registrar’s office, HR, and finance made an effort to clean up the data and to retool business processes to catch errors on the way in. Data only hold value in as much as they are available, actionable, and true.”

Hard-won Advice

In Merth’s opinion, developing a custom interface and embedding OSU reporting, rather than just going with the stock product “and being stuck with whatever,” was a differentiator that he recommends to other institutions. “We have been able to make the interface look, feel, and behave the way we want it to.”

The interface, he says, is a custom Web application designed and built using Visual Studio and other Microsoft technologies. “You can access CORE anywhere in the world that you have a browser available. People access CORE from home or from our research vessels at sea. If you need to know what the current balance of one of your grants is, you can pull up CORE while out in the ocean.”

Other advice from Oregon State University leaders includes:

Offer training. The business intelligence team participates in several campuswide training days on CORE throughout the year and offers individual instruction as requested. “We will go out to any unit on campus, no matter how big or small, and present customized training,” Merth says. “We also have people stop by the office and say, ‘Hey, I need a little help.’ Then we work one-on-one with people.”

Determine consequences. “When you make a lot more information available—and appropriately available—the chances of somebody doing something inappropriate do change,” Bloomer says. He advises institutions to discuss how to hold people accountable—and what the consequence would be—for unauthorized access or misappropriation of data. “You need senior leaderships saying, ‘Yes, we endorse this. This has our seal of approval.’”

Involve users. At every step, the business intelligence team lets users know they are part of the development process and that their input greatly influences the outcome. “Wherever we go, Michael always says, ‘This is your system. We’re designing it for you, so please let us know how you want it to work.’”

In fact, a feedback loop is built into CORE. If users are in the system, and notice that a report could be improved by adding a particular field, they simply push a button, and type in “Please add this field.” The request— including all the information about the report, who the user was, and the parameters they ran—goes directly to the business intelligence team and gets triaged.

“We can see exactly what they were looking at and decide if [the request is] possible,” Hansen says. “There may be restrictions on the data that don’t allow it, but in most cases, we can make the change and send it back.”

Select visual software. To create the reports, members of the business intelligence team use SQL Server Reporting Services, to which they already had access because of OSU’s sitewide license for Microsoft software. “We bought Jaspersoft, which is a Web-based tool that you use to drag and drop your rows and columns on a page, and it makes a report for you,” Merth says. “We were able to embed that in the CORE interface as well.”

Keep on keeping on. “If you decide to go down this road, you have to be persistent,” Hansen insists. “Keep moving forward, and improving and adapting the system to user needs. Your reports can never become stagnant.”

The Next Step

Although she “donated” three staffers to the CORE team, Brooks doesn’t worry if she will ever get them back. “I don’t think of it that way,” she says. “This is a strategic IT project for the university. Technology is not the reason we exist, but it does have the power to transform the university. We’re aggregating data now with strategic implications. We are understanding things we never could before.”

The goal is student success, which Brooks compares to an ocean with different tributaries of data and activities feeding into it. “Amassing all the data is the first step. We can now see very clearly, for example, our wait list and when it is time to open up more courses. The next generation of analytics will be to understand more fully how each of these tributaries affects or does not affect student success. For example, are students who study abroad more likely to graduate on time? Or what influences a student’s migration through changing majors?”

She anticipates that OSU’s next step will be more sophisticated modeling, folding in predictive analytics with historic analytics to better forecast the recipe for student success. “That’s the core business of our university. It’s hard to envision much that is more important.”

Student profile reports have also proven popular because they consolidate information that used to be spread across two or three other systems.

A License to Innovate

The multiyear business intelligence project by Oregon State University, Corvallis, that won a NACUBO 2015 Innovation Award, took several innovative twists and turns:

Only high performers with agility need apply. “Normally these types of projects get passed off to IT and thrown over the wall. They have to go through a process of designing specs, building out the project, assigning programmers, and—in six or eight months—you come up with a prototype for people to look at,” says Michael Hansen, director of the business intelligence center. “I didn’t want to do that. I wanted to be very responsive. I wanted to react to people’s needs.”

Instead, a team of six developers and analysts from across campus were handpicked and co-located in the budget office so that they could work together. “We call it agile programming, but I think it’s a little more chaotic because we move very fast,” he says. “I allow my staff to dream and figure out what they would like to do and look at all the possibilities. We had the interface built and a set of baseline reports done in six months.”

Hansen recruits additional functional specialists for short-term projects. For example, an employee from agricultural science is currently spending six months with business intelligence to develop detailed reports for his area. “Both sides benefit because both sides gain additional knowledge,” he says.

Lois Brooks, vice provost and chief information officer, calls this collaboration a “don’t be constrained by the org chart” approach because Hansen’s reporting relationship goes through the budget office, but he’s leading this IT project for the university while still retaining some of his other job responsibilities.

“I put three people in CORE, very carefully chosen for their skill set,” she says. “We moved their offices to sit with Michael even though they are still in my organization. Six people, all contributed by their supervisors, were handchosen to create a CORE team. They report to him in practice. They have no other job duties.”

Jeff Merth, a business intelligence analyst who developed the Web application that serves reports to users, considers himself lucky to be chosen as part of the development team. “I thank my stars every day that I’ve been able to be a part of this,” he says. “Michael is a creative genius who can come up with ideas and lets others come up with ideas. There’s a license—or expectation—to innovate.”

Although this was the first project in which OSU has pulled people out of their functional areas and asked them to focus only on a designated campus priority, now all major technical projects will be handled this way, Hansen indicates.

Access is defined by the need to know. Replacing a paper-based process with automations to determine information access for each university position has reduced the time frame of two to four weeks to assign user access to as short as overnight.

“Data access is really based on the need to know, and the need to know is based on your job duties,” Hansen explains. “We decided what each position’s security level would be, based on data aggregation levels—one being very highly aggregated data and five being very detailed data. We split up the data into major groups, such as student accounts, finance, and HR. We then went through table by table and field by field and determined that a position would have a designated access level for this data point. It took about two months.” (See figure, “Identifying Position Security Levels.”)

Before coming up with this tiered structure, Brooks made it a point to talk to—and reach agreement with—business units and stakeholders about the principles of access. “We’re quite careful with data that is fully used across the university,” she says. “For example, the number of students taking a math class is not sensitive data. How a student did on a test in that math class is a sensitive piece of data. This is not just access to the data. It’s also care for the individual. Where do we need to protect privacy more carefully?”

Full- and part-time regular employees have some level of access, according to Merth, but student employees are excluded. Deans, department heads, and executive assistants tend to have very high access.

“The data is open to everyone, but there is still a security principle called the principle of least privilege,” Merth explains. “If you’re an adviser, you may not need to see HR and finance data, so we’re not giving it you by default, in order to protect you and us. If your computer gets hacked or infected with a virus, without access to student data, no one can grab names and grades. You have [access to] the most [data] that you need to get your job done.”

Identifying Position Security Levels

Access levels based on data aggregation of business intelligence reports.

One-time review of 650 positions

Standard faculty, classified, and unclassified positions in the OSU HR information system (HRIS).

Each of the positions took an average of one hour to map.

Faculty and executive level position took the least time to review.

Student access levels were the hardest to determine, taking 75 percent of the time.